Of course, Cellebrite offers its equipment only to law enforcement personnel, so it's not as if criminals are running around Smartphone Town with the key to the city. Consider, too, that it's actually considerably harder for a person with no hacking experience to recover deleted data on a phone than it is for that person to recover deleted data on a discarded hard drive, simply because so many different mobile operating systems exist, especially on feature phones from two or three years ago. And many of the phones being discarded today have proprietary operating systems that won't work with the free data-recovery software that you can download off the Internet with the click of a button.
That said, no smartphone--whether it's an Android device, a BlackBerry, or an iPhone--is impossible to forensically analyze, and not all of the experts who are analyzing phones are good guys. Shaun Hipgrave, managing director for Forensic Telecommunications Services, analyzes iPhones, and says that no matter what kinds of security Apple adds to the iPhone, hackers will crack it. "The hacking community doesn't do it for financial gains, they do it for intellectual stimulus," he says.
So how do you make sure your data is for your eyes only? First, always wipe your phone yourself before you sell it to another person or to a company. Every phone has a different process: Most models allow you to restore factory settings through the phone's menu, and many will require you to enter your phone's password once or many times over. To restore the phone correctly, check the manual, or do a Google search for a step-by-step video.
If you're really worried about unauthorized recovery of your data, BlackBerrys are a good choice: If you do a factory reset on the phone and don't touch it for 30 days, the memory will automatically reorganize, making it harder for hackers to carve out pieces of your data in a forensic analysis. iPhone apps such as iErase and Android apps like ShreDroid will write over deleted data on your handset with random 1s and 0s after you've conducted a factory reset.
None of these solutions are perfect, and information might still be available from your used phone regardless. So if you're especially paranoid, do as vNet Security's Paul Henry does with his old phones and those of his family: Take apart the phone, and use a hammer to break the memory chip into bits. Hey, you could probably get some money from the scrap metal.
This story, "Your old smartphone's data can come back to haunt you" was originally published by PCWorld.